What information is most essential for the board/executives to decide whether to pay ransomware attackers (in cases where ransom payment is not banned)?
Vice President, Infrastructure Architect in Finance (non-banking), a month ago
A *realistic* estimate of how long it will take to get back to full operations in either scenario. Management needs to know what kind of costs/losses they incur in either case. This is not the time to sugarcoat or attempt to be the hero/pull off a miracle.
Director of IT, a month ago
It's a combination of the above. There are several key inputs to the decision.
1. Do you have a strong DR/ECP Plan and how long would it take for you to recover?
2. What is the loss of revenue and profit during this timeframe?
3. What legal issues and costs could also arise from being unable to provide services during this time? Are lives at risk?
4. What would it take to put safeguards in place to prevent a repeat attack?
5. Lastly, what are the chances that payment of the ransom will truly prevent the attacker from coming after you again?
Overall, paying a ransom should be a last resort, and spending money up front to minimize the chances of a successful ransomware attack should be strongly considered.
Director of Information Technology in Manufacturing, a month ago
A document recovery plan that has been documented, executed and proven. This provides insight for executives on what down time may be involved.
Director of IT in Healthcare and Biotech, a month ago
I agree with Evan Marks' comments. The only thing I would add is making sure the board has been briefed by law enforcement as well.
I believe the board can only count the votes.